1Z0-1109-25

1. ABC Inc. is a software development firm that uses DevOps practices. They want to minimize the risk of security breaches by incorporating security into their deverlopment process from the start. To accomplish this, they are concentrating on incorporating DevSecOps best practices into their DevOps process. Which two are best practices that ABC Inc. should implement?. Manually execute DevOps security processes and tools to reduce the risk of errors and. Follow established security guidelines, such as the OWASP DevSecOps guideline, during the deverlopment and testing process. Perform regular seans for vulnerabilities and prioritize fixing them based on their severity. Utilize a permission-based system where access to resources and responsibilities is granted on an individual basis rather than a role-based system. Have a flat network with no segmentation or isolation, where all devices and resources are interconnected and accessible to anyone on the network.

2. What is the correct approach to upgrade an Oracle Container Engine for Kubernetes (OKE) Cluster to a newer version of Kubernetes?. Upgrade the node pools one at a time, then once all node pools are upgraded, upgrade the control plane. Initiate the control plane and node pool upgrades simultaneously. Upgrade the control plane, then upgrade the node pools. Initiate the automated upgrade process using the OCI Console, CLI, or API. OCI Console,.

3. You host a microservices based application on the Oracle Cloud Infrastructure Container Engine for Kubernetes(OKE). Due to increased popularity of your application, you need to provision more to meet the growing demand. Which two statements are true for the given scenario?. Scale a cluster up and down by changing the number of node pools in the cluster. Create a second OKE cluster and scale the application across it. Scale a node pool up and down to change the number of worker nodes in the availability domains and subnets in which to place them. Enable cluster autoscaling by autoscaling node pools by deploying Kubernetes Metrics Ser and using the Kubernetes Vertical Pod Autoscaler to adjust the resource request and limits. Enable autoscaling by autoscaling Pods by deploying Kubernetes Autoscaler to collect resource metrics from each worker node in the cluster.

4. How can you run applications on GPU worker nodes in clusters created using Container Engine for Kubernetes (OKE)?. By selecting a managed node pool, a GPU shape, and a GPU image, and specifying the number of CPU resources required in the pod spec. By selecting a managed node pool, a GPU shape, and a GPU image, and ensuring that the CUDA libraries for different GPUs are pre-installed on the worker nodes. By selecting a virtual node pool, a GPU shape, and a GPU image, and ensuring that the CUDA libraries are included in the application container. By selecting a managed node pool, a GPU shape, and a GPU image that has CUDA libraries pre-installed, and specifying the number of GPU resources required in the pod spec.

5. As a DevOps engineer at XYZ Corp, you are responsible for ensuring the smooth operation of high traffic web applications hosted on Oracle Cloud Infrastructure (OCI). The web applications run on multiple OCI resources, including virtual machines, load balances, and databases. Recently, users have reported failures while accessing one of time OCI-based web applications, and you suspect HTTP 5XX errors on the load balancer. You need to quickly identify and address this issue. Which of the following statements can assist you in quickly identifying and monitoring the HTTP 5XX error rate on the load balancer and setting up notifications?. Use Metrics and Alarms of the Monitoring service to monitor the HTTP 5XX error rate on the load balancer and set up notifications with OCI Notifications. Use Metrics and Alarms of the Monitoring service with Container Engine for Kubernetes (OKE) to monitor HTTP 5XX errors on Kubernetes resources and correlate them with other OCI resources. Use Custom Metrics of the Monitoring service to collect HTTP 5XX error rates from the load balancer and set up Service Connectors with third-party services such as PagerDusty or Slack. Use Event Rules to detect HTTP 5XX errors on the load balancer and trigger automated actions using OCI Functions or API Gateway.

6. While adding variables to your build_spec.yaml file, you made a mistake that resulted in a failed build pipeline What is the error you could have made?. Defined a field such as type: DOCKER_IMAGE in the output Artifacts: section to specify the docker image produced by the Build stage. Defined parameters such as the $ (VARIABLE NAME) file and later assigned their values in the Parameters tab of the build pipeline. Used vault Variable to hold the content of the vault secrets in Base64 format. Defined variables as exported Variables to make them available in subsequent stages of the same pipeline.

7. Your application development team has an existing GitHub repostory for their code. You would like to mirror it on Oracle Cloud Infrastructure (OCI) in order to deploy an application to an Oracle Container Engine for Kubernetes (OKE) environment using the OCI DevOps service. Which action can be done AFTER you trigger a Build Pipeline?. Apply a manifest to the Kubernetes cluster using the deployment pipeline. Configure the SSH file so that their SSH key is used when connecting to OCI Code Repositories. Configure an OCI compartment for storing DevOps resources. Create a reference to a secret in the OCI Vault.

8. Which OCI DevOps project resource is responsible for defining the stages for compiling. testing, and running software applications before delpoyment?. Build pipelines. Deployment pipelines. Development pipelines. Integration pipelines.

9. XYZ Inc. is using Oracle Cloud Infrastructure (OCI) DevOps Project to deploy their e-commerce application to production. They recently received a customer request to add a new feature to the application, which requires modification of the existing code. How can XYZ Inc. use OCI services to automatically push the modified code changes to the production. Use the OCI Resource Manager to automatically apply the changes to the production environment after successful testing. Manual builds can be run from the OCI DevOps Build Pipelines to deploy the changes. Use OCI Ansible modules to automate the deployment of the new changes to the production environment. Use the OCI DevOps Triggers feature to automate build and deployment on every code commit.

10. You are tasked with creating and managing a microservices-based application using Oracle Cloud Infrastructure Registry (OCIR) Which statement accurately describe OCIR capabilities?. OCIR is restricted to specific OCI regions, limiting its availability for global deployment scenarios. In each region that is enabled for your tenancy, you are charged for stored images as well as managed OCIR services. Container Registry cannot be used as as a public docker registry, restricting its usage only within the Oracle network. You can create up to 500 repositories in Oracle Cloud Infrastructure Registry, consuming a maximum of 500 GB in total, in every enabled region of your tenancy.

11. You are a DevOps engineer working on a project that images to and from Oracle Cloud Infrastructure Registry (Container Registry) using Docker CLI. You have been given access to Container Registry and have installed local machine. Which should you create and use to securely authenticate and store your Docker private Docker registry in OCI?. Master Encryption Key in OCI Vault. JSON Web Token. SSH Key Pair. Auth Token.

12. Your team is responsible for deploying a new version of an application that is being used by your company's finance department. The application is critical to the department's operations, and any downtime could have serious consequences What is the recommended approach in OCI for creating environments for this scenario?. Deploy the application to two separate OCI tenancies to ensure complete isolation between environments. Use a single OCI region and create two separate Virtual Cloud Networks (VCNs), one for the blue environment and one for the green environment. Use a single Kubernetes cluster with two node pools, one for the blue-green environment and one for the canary environment. Configure two OKE clusters, selecting the blue-green traffic shift strategy using a load balancer.

13. As a developer working on a software project to be deployed on OKE, you have created a Helm chart for your application. You want to deploy the chart using OCI DevOps service. Which statement is true about deploying a Helm Chart using OCI DevOps service?. The values.yaml file is a generic file located in the OCI Container Registry. You must create a reference to this file. The Helm charts must be located in the OCI Container Registry repository for deployment. Oracle Cloud Infrastructure (OCI) DevOps service supports deployment of Helm charts to Container Instances. A single chart can be installed only once into the same cluster, and create single release.

14. As a DevOps engineer, you have been assigned the task of creating Helm charts to streamline the deployment of microservices in a container engine for Kubernetes (OKE) cluster. Which of the following statements about Helm chart deployment using OCI DevOps is NOT true?. Helm charts must be located in the OCI Container Registry for deployment. Helm charts contain templates of Kubernetes YAML manifest files and a values.yaml file to supply the default template values. The values.yaml file is specific to each deployment and cannot be shared. Helm charts can be deployed to public and private OKL clusters.

15. How can system administrators ensure that only signed images from Oracle Cloud Infrastructure Registry are deployed to a Container Engine for Kubernetes cluster?. By disabling access to the Container Engine for Kubernetes cluster. By encrypting the images using a custom encryption algorithm. By configuring an image verification policy for the cluster. By manually inspecting each image before deployment.

16. As a DevOps Engineer, you are tasked with securely storing and versioning your application's source code and automatically build, test, and deploy your application to Oracle Cloud Infastructure (OCI) platform. You are told to automate manual tasks and help software teams in managing complex environments at scale. Which three OCI services can you choose to accomplish these tasks?. DevOps project. Oracle Cloud Infrastructure Registry. Oracle Cloud Logging Analytics. Container Engine for Kubernetes. Oracle APEX Application Development.

17. In Kubernetes clusters created by Container Engine for Kubernetes, how is data in eted encrypted at rest by default?. Data is encrypted using TLS. Users must manage their own encryption keys. Oracle encrypts data using a master encryption key it manages. Data is stored without encryption.

18. As a DevOps engineer working on managing clusters on the OCI platform for your organization, which statement is true about managing cluster add-ons in OCI OKE Cluster?. When creating a new cluster, essential cluster add-ons cannot be disabled. When enabling a cluster add-on, you cannot configure the add-on by specifying one or more key/value pairs to pass as arguments to the cluster add-on. When creating a new cluster, essential cluster add-ons are set to manually update. When you disable a cluster add-on using the console, the add-on is completely removed from the cluster.

19. An operations team wants to leverage the advanced features of Container Engine for Kubernetes (OKE) and requires granular control over cluster add-on, workload indentity, and improved worker node management. Thay also prioritize strong security measures and require a financially-backed service level agreement (SLA) for Kubernetes API server uptime Which type of cluster should they choose to meet their requirements?. Federated clusters. Enhanced elusters. Virtual clusters. Specialized clusters.

20. Which type of cluster can self-managed nodes be added to în OCI Container Engine for Kubernetes (OKE)?. Managed clusters. Enhanced clusters. Virtual clusters. Basic clusters.

21. A DevOps engineer is asked to access an Oracle Cloud Infrastructure Container Engine Kubernetes (OKE) cluster to deploy new applications and manage existing ones Which two statements are true?. To access the cluster using kubectl, you have to set up a Kubernetes manifest file for the cluster. The kubeconfig file by default is named config and stored in the $HOME/.manifest directory. Generating an API signing key pair is not required while setting up cluster access using local machine if the public key is not already uploaded in the console. The only available option when a cluster's Kubernetes API endpoint has a public IP address is to control the cluster locally using kubectl and the Kubernetes Dashboard. When a cluster's Kubernetes API endpoint has a public IP address, you can access the cluster in Cloud Shell by setting up a kubeconfig file. To access the cluster using kubectl, you have to set up a Kubernetes configuration file for the cluster. The kubeconfig file by default is named config and stored in the $HOME/.kube directory.

22. You're working with Docker images and containers, and you need to get rid of an image that's no longer needed. However, when you use the command to remove the image, you get the following error. #docker rmi mid123 d123f4c55e12 Error response from daemon: conflict: unable to delete d123f4e55e12 (cannot be forced) - image is being used by running container Of1262bd1285 Which steps would you take to delete the specified image?. To determine which container is using the image, use the 'docker ps -a' command. Stop the running container with the command 'docker stop d123f4e55e12', delete it with 'docker rm 0f1262bd1285', and delete the docker image with the command 'docker rmi Of1262bd1285'. To determine which contamer is using the image, use the 'docker ps -a' command. Stop the running container with 'docker stop Of1262bd1285', delete it with 'docker rm 0f1262bd1285', and delete the docker image with 'docker rmi d123f4e55e12'. To determine which container is using the image, use the 'docker ps -a' command. Kill the running container with 'docker Kill of1262bd1285', delete it with 'docker rmc 0f1262bd1285, and delete the docker image with 'docker rmi d123f4e55e12'. To determine which container is using the image, use the 'docker ps -a' command. To delete the container, use the 'docker rm 0f1262bd1285" command and to delete the docker image, use the 'docker rmi d123f4e55e12' command.

23. You as a DevOps Engineer are asked to manage an application to be deployed in Oracle Cloud Infrastructure Container Engine for Kubernetes(OKE). This requires pulling Images from Oracle Cloud Infrastructure Registry (OCIR) during deployment. Which three statements are true?. Use kubectl to create a Docker registry secret. Add a containers section that specifies the name and location of the images y from OCIR, along with other deployment details. Add a snapshot section that specifies the name and location of the images you from OCIR, along with other deployment details. Add an Auth section to the manifest file that specifies the name of the Docker secret you create using Auth Token to access OCIR. Add an image PullSecrets section to the manifest file that specifies the name of the Docker secret you created to access OCIR.

24. As a cloud engineer, you are responsible for managing a Kubernetes cluster on the Oracle Cloud Infrastructure (OCI) platform for your organization. You are looking for ways to ensure reliable operations of Kubernetes at scale while minimizing the operational overhead of managing the woker node infastructure. Which cluster option is the best fit for your requirement?. Using OCI OKE virtual nodes to eliminate worker node infrastructure management. Using Kubernetes cluster add-ons to automate worker node management. Creating and managing worker nodes using OCI compute instances. Using OCI OKE managed nodes with cluster autoscalers to eliminate worker node infrastructure management.

26. You are working on a DevOps project to deploy Oracle Cloud Infrastructure (OCI) compute instance running web services, the deverlopment team indicated that when the compute Instances are deployed, it should automatically create OCI Object Storage buckets wich respective instance names Which two can help you. Oracle Functions. Cloud Agent Plugin for the. Events Service. OCI CLI command "oci os bucket create-auto value>". Service Connector Hub.

25. A team wants to deploy artificial intelligence and machine learning workloads in their OCI Container Engine Kubernetes(OKE) cluster. They prioritize strong isolation, cost-efficiency,and the ability to leverage serverless capabilities Which solution is best suited for their requirements?. Self Managed Nodes in OKE. Virtual nodes in OKE. Managed nodes in OKE. Container Instances in OCI.

27. How can customers rotate their master encryption keys in the Oracle Cloud Infrastructure (OCT) Vault service. If you import your own key,rotate. If you import your own key, you cannot rotate the key. You will have to import a new key to. Customers can rotate their keys every 30 days. They may enter a service request (SR) to request a rotation sooner than 30 days since the last rotation. Customers can only have OCI rotate their keys once a year. Customers can rotate their keys by creating a new Key Version.

28. Why is it important to extract output artifacts from the Oracle Cloud Infrastructure (OCI) DevOps build pipeline and store them in an Artifact Registry repository?. Deliver Artifacts is a required stage of the build pipeline, and the entire pipeline won't work if it is not included in order to extract artifacts after the Managed Build stage. Storing build artifacts in registries helps the deployment pipeline differentiate output artifacts created by the build pipeline from artifacts copied from a Git repository. All artifacts are permanently stored in the build pipeline. Extracting just the ones required for deployment tells the deployment pipeline which artifacts to use. Output artifacts aren't permanent. If they are to be used in the Deliver Artifacts stage, they need to be exported as output artifacts to a registry.

29. As a DevOps engineer working with OCI DevOps, you are managing artifacts for a microservices application. Based on your understanding of working with DevOps projects and artifacts, which statement is true?. It is recommended to make artifacts immutable to prevent any modifications after they are uploaded. In the build pipeline, to store the Managed Build stage outputArtifacts, you need an OCI Object storage. Once created, the artifact's name, type, and source cannot be modified. Artifacts can be used directly by OCI DevOps without the need for them to be located or mirrored in an OCI Artifact of Container registry.

30. Your organization is planning to adopt Infrastructure as Code (laC) principles to manage its cloud infrastructure efficiently. As part of the training program, the team is discussing the concept of Infrastructure as Code and Terraform? Which of the following statements best describes Infrastructure as Code (laC) and Terraform?. Infrastructure as Code (lac) is a software engineering approach in which infrastructure is managed using code, and Terraform is a configuration management tool widely used for this purpose. Infrastructure as Code (laC) involves managing infrastructure using graphical user interfaces, and Terraform is a scripting language used for this purpose. Infrastructure as Code (laC) refers to manually configuring infrastructure components, while Terraform is a version control system for managing infrastructure code. Infrastructure as Code (laC) is a concept used only in traditional IT environments, and Terraform is a proprietary cloud platform for managing infrastructure.

31. You are tasked with creating your first Terraform configuration file to deploy a virtual machine (VM) on Oracle Cloud Infrastructure. the Terraform Which of the following steps would you typically perform first in the Terraform workflow?. terraform init command to Initialize the Terraform working directory and download provider plugins and modules. terraform apply command to apply the Terraform configuration and create the infrastructure resources,. Define the desired state of the infrastructure using Terraform configuration language in a .tf file. terraform plan command to generate an execution plan showing what Terraform you apply the configuration.

32. A company is having trouble keeping up with competitors and wants to know more about DevOps solutions. What does Oracle Cloud Infrastructure (OCI) DevOps do that can help?. OCI DevOps helps detect failures and outages using anomaly detection and analytics. OCI DevOps helps avoid downtime during deployments using A/B Testing and shadow deployments. OCI DevOps ensures security through automated Jira notifications. OCI DevOps helps automate build pipeline triggers on code commits and optionally deploys successful builds to production environments.

33. As a DevOps engineer at XYZ Corp, you are responsible for managing the logging of an application hosted on Oracle Cloud Infrastructure (OCI).. The application logs contain sensitive information that requires restricted access to ensure data privacy and compliance In this OCI DevOps scenario, what could be a suitable solution to restrict access to sensitive log data generated by the application?. Configure a Notifications Topic to alert when any sensitive data is logged into the Logging Service. Transition all sensitive logs into Object Storage using Service Connector. Choose a separate logs group for sensitive logs and use IAM policies. By default, OCI Logging identifies and restricts access to any sensitive logs.

34. ABC Corp is a software development company that leverages Oracle Cloud Infrastructure (OCI) for their DevOps practices. They have a microservices-based architecture running on OCI, and their development team wants to ensure efficient observability across their infrastructure, middleware, and application tiers Manhel How can ABC Corp benefit from observability practices in their OCI-based DevOps environment?. Improve security measures to protect their infrastructure. Automate deployment and provisioning of OCI resources. Gain real-time insights into the performance of their microservices. Collaborate more effectively with stakeholders in the development process.

35. As an engineer working on containerizing your application on the OCI platform, which of the following statement is true about OCI container instances?. You can configure the number of resources that the container consumes in absolutes or percentages. The amount of time the container instance waits for the OS to shan down before powering off is managed internally. By default, the container can use only 50% of resources in the container instance. The image source for a container instance can only be selected from Oracle Cloud Infrastructure Registry (also known as Container Registry), which is an Oracle-managed registry that enables you to store share and manage container images.

36. A software development team is working on a prototype using Node.js and MongoDB as their programming language and database, respectively. They need to develop and test isolated web applications or RESTful APIs. They are looking for a simple, quick, and secure way to run containers without managing any servers Which OCI service is best suited for this use case?. Compute Instances. OCI DevOps Project. OCI Functions. Container Instances.

37. The Kubemetes Master node serves as the central control plane for managing the cluster's resources and orchestrating workload deployment. What are the primary responsibilities of the Kubernetes Master node?. The Master node is primarily tasked with executing application workloads and ensuring their availability within the cluster. The Master node oversees the scheduling and allocation of cluster resources, ensuring optimal utilization across nodes. The Master node serves as a repository for storing container images, facilitating rapid deployment and scaling of applications. The Master node monitors network traffic within the cluster, ensuring secure communication.

38. How can you scale a deployment named nodejs-deployment to have two replicas?. kubectl adjust deployment nodejs-deployment -replicas-2. kubectl set replicas deployment nodejs-deployment --replicas-2. kubectl scale deployment nodejs-deployment -replicas-2. kubectl resize deployment nodejs-deployment-replicas-2.

40. As a startup planning to set up your infrastructure on Oracle Cloud Infrastructure (OCI), you must understand the key concepts of OCI Resource Manager. Which best describes a stack in Resource Manager that will assist you to manage infrastructure using the infrastructure-as-code model?. It represents a request to take a Terraform action on a state. It performs the actions that are defined in the configuration file. It represents a collection of OCI resources created in the Compartment and includes a collection of Terraform playbooks that specify the resources you want to manage. It represents a collection of OCI resources created in the Compartment and includes a collection of Terraform files that specify the resources you want to manage. It represents a request to take a Terraform action on a state. It performs the actions that are defined in the inventory file.

39. You are a developer and have been asked to develop an e-commerce website for your organization. It must support a variety of clients including desktop browsers, mobile browsers and native mobile applications Which two approaches can you use to build the application to achieve deployment independence, easier technology upgrades, and resiliency to architecture changes?. Choose monolithic approach over microservices as it has better fault isolation capability. Implement each module as an independent service process which can be replaced, updated, or deleted without disrupting the rest of the application. Use monolithic approach, as it allows you to easily redeploy your applications to perform frequent updates. Use monolithic approach to as as it makes it easier to incrementally adapt to newer technology. Use microservices architecture as it eliminates any long-term commitment to a technology stack.

41. A company uses OCI Resource Manager to manage their infrastructure as code. They need to check if their current infrastructure matches the configuration in their stack Which feature helps identify differences between the actual state and the last executed stack?. Stack Monitoring. Resource Discovery. Drift Detection. Configuration Compliance.

42. You host your application on a stack in Oracle Cloud Infrastructure (OCI) Resource Manager. Because of recent growth in your user base, you decide to add a CIDR block to your VCN, add a subnet, and provision a compute instance in it Which statement is true?. You can make the changes to the Terraform code, run an Apply job, and Resource Manager will provision the new resources. You can make the changes to the Terraform code, run a Drift Detection job, and Resource Manager will provision the new resources. You need to provision the new resources in the OCI console first, then add them later to the Terraform configuration and state. You need to provision a new stack because Terraform uses immutable infrastructure.

43. As an engineer building and deploying applications using an OCI DevOps project, which action can help ensure the security and reliability of the code in the build and deployment pipelines?. Using Jira to track user stories and bug fixes in the development process. Using Application Dependency Management (ADM) to identify security weaknesses in software applications by checking their dependencies. Using third-party tools like Ansible, Terraform, or OverOps to analyze code for security defects or bugs in code quality. Using version control tools like Git or SVN to track and manage changes in the codebase.

44. As a DevOps engineer working on a CI/CD pipeline for your company's application, you have completed code analysis, image scanning, and automated testing. What is the next step to ensure a secure and reliable deployment?. Add a traffic Shift stage to route the traffic between two sets of backend IPs. Add a shell stage to run custom commands in the deployment pipeline. Add a approval stage to pause the deployment for a specified duration for manual decision from the approver. Add an invoke function stage to run code or custom logic in a serverless manner.

45. A DevSecOps engineer has signed a container image using the keys stored in the OCI Vault service. Upon trying to verify a particular signature with the Vault service, the image verification fails. Which of the following could be a potential reason for the failure?. Both the OCID of the master encryption key and the OCID of the key version stored in Oracle Cloud Infrastructure Vault were used to sign the image. The master encryption key in Oracle Cloud Infrastructure Vault was created using AES symmetric keys. The master encryption key in Oracle Cloud Infrastructure Vault was created using RSA or ECDSA asymmetric key. The --description and --metadata options were left blank while creating the image signature using OCI CLI.

46. Your company is working on a high-profile project and any code push to production requires approvals. Your company is using Oracle Cloud Infrastructure (OC) DevOps service for automating this process. You want to push an artifact to production and would like to addprovers to the approval workflow in the Depeloyment Pipeline. How can you add approvers?. Add approvers to the buildspec file before pushing the code to the OCI Code Repository. Add approvers to the Deployment Pipeline and give them access via OCI IAM policy. Email approvers before you run the Deployment Pipeline. Manually add approvers' names and email addresses in the Deployment Pipeline page.

47. As a DevOps engineer, you are tasked with creating stages for an Oracle Kubernetes Engine (OKE) deployment pipeline in OCI DevOps. Your goal is to include as many actions as possible within the deployment pipeline stages themselves Which two stages can you add to achieve this goal?. Add a stage to scan the container image before deploying to the Kubernetes cluster. Add a stage to deploy based on Blue-Green strategy or Canary strategy to OKE environment. Add a stage to apply the Kubernetes manifest to the Kubernetes cluster. Add a stage to deploy to the OKE environment based on Cloud Guard alerts. Add a stage to deliver artifacts to an Oracle Cloud Infrastructure (OCI) Artifact Registry.

48. As a small company that wants to adopt a DevOps framework and a consumption-based pricing model, which Oracle Cloud Infrastructure service can be used as a target deployment, environment providing features like automated rollbacks, self-healing of failed container, and configuration management, without the overhead of managing security patches and scaling?. OCI Container Instances. OCI Container Engine for Kubernetes (OKE) with virtual nodes. Compute Instance Group. OCI Container Engine for Kubernetes (OKE) with managed nodes.

49. A small company is moving to a DevOps framework to better accommodate their intermittent workloads, which are dynamic and irregular. They want to adopt a consumption-based pricing model. Which Oracle Cloud Infrastructure service can be used as a target deployment environment?. Bare metal compute instance. Virtual machine compute instance. Functions. Oracle Kubernetes (OKE).

50. You're using Oracle Cloud Infrastructure(OCI) DevOps service to automate your software releases to release features more frequently and with fewer errors. While deploying an update to production, one of your deployment stages failed. What action should you perform in your Deployment Pipeline?. Automate back up and use the rerelease stage in the Deployment Pipeline. Roll back the failed stage in the pipeline to the previous successful released version. Add Rescue and Trigger stages to automatically trigger the failed deployment. Use OCI DevOps Trigger and Rerun tool to avoid downtime.

69. Which of the following is NOT considered a DevOps resource in the context of the OCI DevOps project service?. Build pipelines. API integrations. Code repositories. Environments.

70. You have been asked to provision a new production environment environment on Oracle Cloud Infrastructure (OCI). After working with the solution architect you you decide that you are going to automate this process. Which OCI service can help automate the provisioning of this new environment?. Oracle Functions. Oracle Container Engine for Kubernetes. OCI Streaming Service. OCI Resource Manager.

71. You are a DevOps lead and are in-charge of updating the Terraform template definition to easily create newer resources and manage OCI resources for your project. Which statement is FALSE?. You can use Resource Manager to share and manage infrastructure configurations and state files across multiple teams. You can use resource discovery to scan the Project compartment and create Terraform configuration and state files, introducing automation to manage cloud resources. You can use Resource Manager, which is an Oracle-managed service that automates deployment and operations for all Oracle Cloud Infrastructure resources. You can use resource discovery to identify infrastructure changes that don't comply with the organization's policies.

72. As a DevOps engineer, you are tasked with streamlining the build process for a web application and decide to eliminate a specific testing stage from a build pipeline. What happens to the associated resources when the stage is removed?. The associated resources are removed, but the stage itself remains available. The associated resources are still available, but the stage is marked for deletion. The associated resources are marked for deletion, but they are not deleted until manually removed. rer. Both the associated resources and the stage are completely removed from the build pipeline.

73.How do OCI DevOps deployment pipelines reduce risk and complexity of production applications?. By eliminating downtime of production applications. By scaling builds with service-managed build runners. By working with existing Git repositories and Cl systems. By reducing change-driven errors introduced by manual deployments.

74. You have a stack in Oracle Cloud Infrastructure (OCI) Resource Manager that is co-managed by multiple teams. Which statement is true?. The resources in the stack can still be edited or destroyed through the OCI console, causing Resource Manager's state to be out of sync. Resources provisioned by Resource Manager can only be managed through Resource Manager, preventing the state from becoming out of sync. The resources in the stack can no longer be edited or destroyed through the Terraform CLI on a local machine. The Terraform state may become corrupted if multiple people attempt Apply jobs in Resource Manager simultaneously.

75. Your customer has deployed their microservices based application on Oracle Container Engine for Kubernetes (OKE) and they are using Oracle Cloud Infrastructure Registry (OCIR) senice as their Docker image repository. They have deployed the OKE cluster using the 'custom create' option, and their Virtual Cloud Network (VCN) has three public subnets with associated route tables, security lists, and an internet gateway They are facing an issue where their application containers are falling to deploy. Upon investigation, they learn that the images are not getting puled from the designated OCIR repository. The YAML configuration has the correct path to the images. What is a valid concern that needs to be further investigated?. They need to add IAM credentials for each user that deploys applications to the OKE cluster. They need to add a security list rule for TCP port 22 to connect to the OCIR service. The OKE cluster needs to have a secret with credentials of their OCIR repository and use that secret in the Kubernetes deployment manifest. The VCN hosting the OKE cluster worker nodes needs to have a NAT gateway to access OCIR repositories.

76. Which of the following external repositories requires an HTTP access token instead of a personal access token (PAT) to create a connection in the OCI DevOps project service?. GitHub Enterprise Cloud. GitLab SaaS. GitLab Server. Bitbucket Server.

77. Which is a proper rule to follow when creating container repositories inside the Oracle Cloud Infrastructure (OCI) Registry?. Vulnerability scanning is enabled for all repositories by default, so no explicit action is needed. When naming a container repository, you may use capital letters but not hyphens. For example, you may use BGdevopsstorefront, but not bgdevops-storefront. When creating a container repository, check the Immutable Artifacts box, as it keeps other developers from altering the files. Each image should have a separate container repository, but multiple versions of the same image can be stored in one repository.

78. The development team at XYZ Corp is encountering dificulties with their application built on a monolithic architecture. They are experiencing limitations in scaling individual components independently, deploying updates without affecting the entire system, and achieving isolation between different functionalities. This has led to bottlenecks and delays in their development and deployment processes Which architectural approach should they consider adopting?. Implement a hybrid architecture. Stick with the monolithic architecture. Refactor the monolithic application. Transition to a microservices architecture.

79.Which statement is false about OCI Resource Manager (RM) ?. RM can generate Terraform based on the resources in a compartment. RM can render custom "Application Information" pages for stacks. Resources provisioned through RM cannot be destroyed from outside of RM. RM can mirror repositories from GitHub and GitLab.

80. As a DevOps engineer at XYZ Corp, you are working on a DevOps project that involves automated deployments and continuous integration/continuous delivery (CI/CD) processes. You want to set up an automated action to be triggered when a specific event occurs within your project, such as the successful completion of a deployment or the failure of a test suite. Which feature of the OCI Events Service can be used to trigger an automated action when a specific event occurs in the project?. Functions. Definitions. Actions. Rules.

81. As a developer working with the Oracle Cloud Infrastructure (OCI) DevOps service, which action is essential when creating a build spec YAML file for the build pipeline?. Enter the necessary vault secret variable OCIDs into the storeArtifacts section. Enter the vault secrets needed for the deployment pipeline into the exported Variables section. Enter the necessary vault secret variable OCIDs into the vaultVariables section. Enter the vault secrets needed for the deployment pipeline into the local Variables section.

82. You are part of the DevOps team and troubleshooting an issue related to a newly deployed web application. The clients for the web application have reported failures with creating records into the application over an HTTPS connection. The current logs collected by the Oracle Cloud Infrastructure (OCI) Logging service is not providing much information related to the issue. You have been asked to enable specific logs applicable to services along with configuring an alarm to monitor any new failures. Which two steps can you perform to meet this requirement?. Install the OCI compute agent software on client systems, enable Custom log and create an agent configuration selecting log path. Create a Rule Condition for DevOps Events (com.oraclecloud.devopsbuild.createconnection.begin, com.oraclecloud.devopsbuild.createconnection.end) and enable Notifications Service. Enable Custom log specific to the application server log and create an agent configuration with selecting log paths. Create custom filters with required data fields (for example: source, time, statusCode, message) to filter log messages, configure Service Connector with Monitoring for creating an Alarm.

83. You're using Oracle Cloud Infrastructure (OCI) DevOps to deploy your application on an Oracle Container Engine for Kubernetes (OKE) environment. You push your code to the OCI Code Repository, add all the required stage and configure the build and deployment pipeline. When you run the build, you see "unable to clone the repository What could the configuration error be?. The OKE cluster is not configured to allow external access to the code repository. The Docker image used in the pipeline is incompatible with the OKE environment. Dynamic Groups and OCI IAM policies to access the code repository are missing. OCA bundle for Transport Layer Security (ILS) verification to download the build source during the build run is missing.

84. As a DevOps engineer working on a project to deploy container images to Oracle Cloud Infrastructure Container Registry (OCIR), you have the option to create an empty repository in advance or allow the system to create a repository automatically on first push. Which statement about automatic repository creation is true?. Automatic repository creation only works for repositories in the normal user compartment. To create a new public repository in the root compartment automatically, you need not belong to the tenancy's Administrators group or have the REPOSITORY_MANAGE permission on the tenancy,. If you select the "Create repositories on first push in root compartment" option and push an image with a command that includes the name of a repository that doesn't already exist, a new private repository is created automatically in the root compartment. Automatic repository creation is triggered by running the command docker push <faultDomain-Key>.ocir.oci/<tenancy-namespace>/<repo-name>: <tag>, even if the repository doesn't exist.

85. As a DevOps Engineer, you are tasked with explaining the key concepts of Terraform to a new team member. You want to ensure they understand the fundamental concepts of Terraform. Which of the following best describes the purpose of Terraform variables?. Terraform variables are used to output the final state of the infrastructure after deployment. Terraform variables are used to manage the life cycle of Terraform resources. Terraform variables are used to define the structure and organization of Terraform configuration files. Terraform variables are used to define input values for Terraform configurations, allowing for customization and reuse of infrastructure code.

86. A healthcare company has a cloud-based healthcare application deployed on OCI platform. The company is committed to ensuring uninterrupted availability of the application and swift resolution of any issues. To achieve this, they have implemented a system that regularly monitors the performance of the healthcare application and sends alerts to the relevant technical team when performance drops below a certain threshold. This practice aligns with which specific DevOps principle?. Continuous Monitoring. Continuous Testing. Continuous Delivery. Continuous Integration.

87. A DevOps team is deploying a new version of their application to their production environment using the Canary deployment strategy in the OCI DevOps service. They want to ensure that the production environment is not affected by any potential issues caused by the new version. Which statement is true in regards to the Canary deployment strategy?. The Shift Traffic stage in the Canary deployment strategy shifts the entire 100% of the production traffic to the Canary environment. The Canary deployment strategy only supports pipeline redeployment for OKE and not for instance group deployments. The Production stage in the Canary deployment strategy deploys the new version to the production environment without any manual approval. The Invoke Function stage is an optional stage that can be used to validate the new version before moving to the production environment.

88. As a DevOps engineer working on an OCI project, you're setting up a deployment pipeline to automate your application deployments. Which statement is false about deployment pipeline in OCI DevOps?. You can add a Wait stage that adds a specified duration of delay in the pipeline. You can add an Approval stage that pauses the deployment for a specified duration for manual decision from the approver. Using deployment pipeline, you can deploy helm charts in OCI Function. You can add a Traffic Shift stage that routes the traffic between two environments.

89. What is a prerequisite for creating a secret in the Oracle Cloud Infrastructure Vault service?. The user must create a compute instance to run the secret service. You must have a Vault-managed key to encrypt the secret. You must first create a hash digest of the secret value. You must have an auth token to encrypt the secret.

90. Your team is working on a project to deploy a microservices-based application on a cloud platform using Terraform. Each microservice has specific configurations and dependencies, and you want to ensure modularity, reusability, and consistency across deployments. Which Terraform feature would you use to achieve these objectives efficiently?. Terraform Variables. Terraform Modules. Terraform Workspaces. Terraform Providers.

91. As a DevOps engineer working on setting up OCI CI/CD pipelines and artifacts for automated deployment of container images to an OKE environment, which statement about adding a Container Image Repository artifact is true?. Use of Parameters is not allowed in the container images artifacts. An OCI Container Registry repository is required in the build pipeline to store the Managed Build stage output in the form of container images. You can create an inline artifact reference for the container image artifact. The Container Registry repository path may not be the fully qualified path to an Oracle Cloud Infrastructure (OCI) Container Registry repository.

92. A company wants to implement CI/CD automation process on Oracle Cloud Infrastructure (OCI) DevOps. An automatic trigger is created in such a way that when someone pushes the code from a Git repository to the OCI Code Repository, it trigger builds all the way to the deployment pipeline. Which DevOps IAM policy statements are required for this automation?. Build Pipeline: Allow dynamic-group <BuildPipeline> to manage all-resources in compartment <compartment name>. Code Repo: Allow dynamic-group <Code Repository> to manage all-resources in compartment <compartment name>; Build Pipeline: Allow dynamic-group <BuildPipeline> to manage all-resources in compartment <compartment name>. No DevOps IAM policy statements are required. Code Repo: Allow dynamic-group <Code Repository to manage all-resources in compartment <compartment name>; Build Pipeline: Allow dynamic group <BuildPipeline> to manage all-resources in compartment <compartment name>; Deployment Pipeline: Allow dynamic-group <DeploymentPipeline> to manage all-resources in compartment <compartment name>.

93. As a Site Reliability Engineer (SRE) at a fast-growing startup, you are responsible for monitoring the performance of the company's cloud native applications hosted on Oracle Cloud Infrastructure (OCI). One of your major concerns is identifying and troubleshooting application bottlenecks quickly to ensure optimal performance for end users. Which group of OCI services can you leverage to get real-time application insights and troubleshoot performance issues effectively?. OCI Service Connector Hub, Events, and Application Performance Management. Oracle Container Engine for Kubernetes (OKE), Instance Groups, and Functions. OCI Resource Manager, Logging, and Cloud Guard. OCI Logging, Monitoring, and Events.

51. Which of these is NOT a benefit of using DevOps as a service on Oracle Cloud Infrastructure (OCI)?. Reduced development speed and increased time-to-market for applications. Reduced infrastructure and maintenance costs through automated provisioning and resource management. Creating a Continuous Integration pipeline to support continuous development efforts. Enhanced security and compliance measures for applications and infrastructure.

52. As a DevOps engineer working on c on containerizing a microservices-based application to be hosted on OCI Cloud platforms, which step can help ensure that the container images have not been modified after being pushed to Cloud Infrastructure Registry (OCIR)?. Deploying a manifest to the Kubernetes cluster that references the container image and its unique hash. Enabling scanning of container images stored in OOL Registry. Signing the image using the Container Registry CII and creating an image signature that associates the image with the master encryption key and key version in the Vault service. Scanning the image upon ingestion and comparing the image size for changes.

53. Which is NOT a val valid log category for the Oracle Cloud Infrastructure Logging service?. Custom Logs. Audit Logs. Execution Logs. Service Logs.

54. Which command creates the docker registry secret required in the application OKE to pull images from Oracle Cloud Infrastructure Registry?. kubectl create secret docker-registry <secret-name>--docker-server-<region-key.ocir.io docker-username=<oci-username>--docker-password="<oci-auth-token> -- docker-email=<email-address>. kubectl create passwd docker-registry <secret-name>--doker-server-<region-key>.oke.io --docker-username=<tenancy-namespace>/<oci-username> --docker- password=<oci-auth-token>--docker-email=<email-address>. kubectl create secret docker-registry <secret-name>-docker-server-<region-key>.ocir.io --docker-username=<tenancy-namespace>/<oci-username>--docker- password=<oci-auth-token>--docker-email<email-address>. kubectl create passwd docker-registry <secret-name>-docker-server<reaton-key>.oke.io --docker-username=<oci-username> --docker-password='<oci-auth-token>-- docker- email<email-address>.

55. Pods running in your Oracle Container Engine for Kubernetes (OKE) cluster often need to communicate with other pods in the cluster or with services outside the cluster. As the OKE cluster administrator, you have been tasked with configuring permissions to restrict pod-to-pod communications except as explicitly allowed. Where can you define these permissions?. IAM Policies. RBAC Roles. Network Policies. Groups.

56. Which of the following statement is INCORRECT with respect to a Dockerfile?. If CMD instruction provides default arguments for the ENTRYPOINT instruction, both should be specified in JSON format. An ENV instruction the environment value to the key, and it is available for the subsequent build steps in the running container as well. The RUN instruction will and commit the results. execute any commands in a new layer on top of the current image. WORKDIR instruction sets the King directory for any RUN, CMD, ENTRYPOINT instructions and not for COPY and MDD instructions in the Dockerfile.

57. You are a DevOps engineer responsible for managing the deployment pipeline of your organization's application hosted on Oracle Cloud Infrastructure (OCI). The pipeline is failing, and you need to troubleshoot the issue to identify the potential cause and fix it. You need the following information to investigate further: Time spent for each deployment Number of times a deployment has failed Which OCI service can provide you with the necessary inforn issue and help in debugging the same?. OCI Monitoring service. OCI Event service. OCI Data Science service. OCI DevOps Agent.

58. The DevOps team wants to validate the new version's performance and stability befor exposing it to the entire user base. The Team is adopting the Canary Deployment strategy to out a new version of their application in a production environment. They aim to minimize the impact of any potential issues before fully deploying the new version. Which stage in the OCI DevOps service allows the team to gradually divert a portion of the production traffic to the canary environment?. Load distribution stage. Invoke function stage. Manual approval stage. Shift traffic stage.

59. You are processing business transactions within applications deployed to Oracle Container Engine for Kubernetes (OKE). As each batch of 1000 transactions are processed, a status file is created and uploaded to an Oracle Cloud Infrastructure (OCI) Object Storage bucket. Each time a new file is created, you need to send an email to the customer to indicate final processing status. The solution should require the least amount of development effort, while still providing for a best effort guaranteed delivery. Which approach should be used to trigger these emails?. Define and schedule a Cron job that monitors the bucket, then sends an email when a new file. Create a rule in the OCI Events service that sends the bucket event to an OCI Notifications topic configured with an email subscriber. Create an alert in the OCI Monitoring service that triggers an email when the monitored bucket is. Deployan Oracle Function that checks the bucket every 60 seconds, then sends an email when a new file is found.

60. How does the Oracle Cloud Infrastru Autoscaler determine when to create new nodes for an OKE cluster?. When the custom metrics from the servi services exceed a configured threshold. When the rate of requests to the application crosses a configured threshold. When the resource requests from pods exceed a configured threshold. When the CPU or memory utilization crostes a configured threshold.

61. An operations team is exploring the use of OCI Container Container Instances to run their container workloads without managing servers. Which of the following statements is false regarding the use of Container Instances?. Billing for Container Instances is based on the allocated CPU and memory resources for each container instance. Container Instances provide a serverless compute service for containers, eliminating the need for server management. The underlying infrastructure for Container Instances is fully managod and hardened managodamdhardened by OCI, ensuring reliability and security. Container Instances require the team to perform provisioning, patching, and ongoing management of servers.

62. As a DevOps engineer at XYZ Corp, you have been assigned the task of setting upa nev OKE (Oracle Kubernetes Engine) cluster to manage the organization's Kubernetes applications hosted on Oracle Cloud infrastructure (OCI). Your goal is to ensure a smooth and efficient process while preparing for the cluster creation. Which of the following statements is false regarding the preparation process for setting up a new OKE cluster?. It is necessary to ensure sufficient quota on different resource types in your OCi tenancy for the cluster setup. Access to an Oracle Cloud Infrastructure tenancy is required to set up the new OKE cluster. Container Engine for Kubernetes automatically creates and configures new network resources for the new cluster. Container Engine for Kubernetes cannot utilize existing network resources for the creation of the new cluster.

63. A fully qualified path to a particular image in an OCIR repository is given as iad.ocir.io/ansh81vrulzp/project01/acme-web-app:version2.0.test. Identify the two options with correct terms and their associated values?. iad represents <region-key>. indocir.io/ansh81vrulzp represents region-key>. Ivru Izp/project01/acme-web-app:version2.0.test represents <repo-name>. ersion2.0.test represents <tenancy-namespace>. lzp represents <tenancy-namespace>.

64. You are a DevOps engineer who has recently joined a new department. You have created 10 Terraform stacks using Oracle Cloud Infrastructure (OCI) Resource Manager. Each stack creates a different set of resources in OCI for your development team. What determines the cost cost of of these these Terraform stacks?. The cost depends on the number of lines of text in your Terraform configuration files. The cost depends on the length of stacks. of time it takes to build each resource using these Terraform. The cost for each stack will be higher for a Pay As You Go subscription than for monthly flex billing. Resource Manager stacks are free but you are charged for the resources they create.

65. You are using the Oracle Cloud Infrastructure (OCT) DevOps service and you have successfully built and tested your software applications in your Build Pipeline. The resulting output needs to be stored in a container repository Which stage should you add next to your Build Pipeline?. Export packages. Trigger deployment. Managed build. Deliver artifacts.

66. You're using Oracle Cloud Infrastructure (OCI) DevOps to automate your application deployment for frequent releases. In one of your automation steps, you'll create a deployment pipeline What does this deployment pipeline do in OCI DevOps?. It is a sequence of steps for delivering and deploying your artifacts to a target environment. It takes a commit ID from your source code repositories and uses that source code to run your build instructions. It is a set of stages for your build process for building, testing and compiling software artifacts. It is used to store, manage, develop source code with OCI DevOps Code Repositories.

67. You are a DevOps project administrator. You are creating Oracle Cloud Infrastructure (OCI) identity and Access Management (IAM) policies that will be used in a DevOps CI/CD pipeline for deployment to an Oracle Container Engine for Kubernetes (OKE) environment. Which OCI IAM policy can be used?. Allow group <build pipeline to manage all-resources in compartment <compartment name>. Allow dynamic-group <code repository to manage devops-family in compartment <compartment name>. Allow group <deployment pipeline> to manage devops-family in compartment <compartment name>. Allow dynamic-group <deployment pipeline> to manage all-resources in compartment <Compartment name>.

68. Observability helps understand system behavior, but it has limitations. Which of the following tasks cannot be accomplished solely through observability?. Optimizing resource utilization. Identifying resource consumption. Identifying infrastructure bottlenecks. Automating software deployments.

94. While configuring your build spec.yaml file in OCI DevOps, which mistake could cause the build pipeline to fail?. Defined variables as exported Variables to make them available in subsequent stages of the same pipeline. Defined a field such as type: DOCKER_IMAGE in the outputArtifacts: section to specify the docker image produced by the Build stage. Used vault Variable to hold the content of the vault secrets in Base64 format. Defined parameters such as the $ {VARIABLE NAME} file and later assigned their values in the Parameters tab of the build pipeline.